<?php
/**
 * CMS - jQuery plugin 
 *
 * Copyright (c) 2011-2012 Benoit Racine, 2011 Alchimiste Musique et Web (QC/CAN)
 * http://code.google.com/p/the-alchimist-generator/
 *
 * Dual licensed under the MIT and GPL licenses:
 *   http://www.opensource.org/licenses/mit-license.php
 *   http://www.gnu.org/licenses/gpl.html
 *
 */
//------------------------------
// Variables 
//------------------------------

$DbHost = "****";   // le nom du serveur (localhost)
$DbUser = "****";   // le nom de l'usager
$DbPass = "****";    // le mot de passe
$DbName = "****"; // le nom de la BD (****)
$DbTable = "squelette"; // nom de la table de la BD
$section = $_POST["section"];
$position = $_POST["position"];
$html = $_POST["html"];
$action = $_POST["action"];
$login = $_POST["login"]; 
$width = "1";
$height = "1";
$x = "1";
$y = "1";
$output = "";

//------------------------------
// Connexion BD
//------------------------------

$dbh = mysql_connect($DbHost, $DbUser, $DbPass);
mysql_select_db($DbName);

switch($action) {	

case "login": //connection

	if($login==="xMpCOKC5I4INzFCab3WEmw") {
		$output = "tous";
	} else if($login==="PZ9RLSj0sdZLr/y1z4aklQ"){
		$output = "admin";
	} else {
		$output = "no";
	}
	break;

case "save": // saving

	$SqlStatement = "SELECT * FROM ".$DbTable." WHERE section='{$section}' AND position='{$position}'";
	$res =  mysql_query($SqlStatement, $dbh);
	$err = mysql_error($dbh);
	if (mysql_num_rows($res)>0){
		$SqlStatement = "
					UPDATE ". $DbTable."
					SET html='{$html}', width='{$width}', height='{$height}', x='{$x}', y='{$y}'
					WHERE section='{$section}' AND position='{$position}'";
		$output = "Information enregistré, mise à jour!"; 			
	}else{
		$SqlStatement = "
					INSERT INTO ". $DbTable." (section, position, html, width, height, x, y)
					VALUES ('{$section}', '{$position}', '{$html}', '{$width}', '{$height}', '{$x}', '{$y}')";
		$output = "Nouvelle Information enregistré!"; 
	}
	
	$res =  mysql_query($SqlStatement, $dbh);
	$err = mysql_error($dbh);
		
	break;

case "new":	// new section
	
	$width = $_POST["width"];
	$height = $_POST["height"];
	$x = $_POST["x"];
	$y = $_POST["y"];
	
	$SqlStatement = "
					INSERT INTO ". $DbTable." (section, position, html, width, height, x, y)
					VALUES ('{$section}', '{$position}','{$html}', '{$width}','{$height}','{$x}','{$y}')
					";
	$res =  mysql_query($SqlStatement, $dbh);
	$err = mysql_error($dbh);
	
	$row = mysql_fetch_assoc($res);
	
	$output = "ok"; 
	break;

case "get":	// get information
	
	if($section == "all"){
		$outputAll = "";
		$res =  mysql_query(" SELECT section, position, html FROM ". $DbTable." ORDER BY section, position", $dbh);
		
		while ($row = mysql_fetch_assoc($res)){
			$outputAll .= $row['section'] ."_~¤¬_". $row['position'] ."¤~°¬¤". $row['html'] ."°¬¤~°";		
		}

	} else {
		$SqlStatement = "
						SELECT  	html, width, height, x, y
						FROM 		". $DbTable." 
						WHERE 		section='{$section}' AND position='{$position}' ";
		$res =  mysql_query($SqlStatement, $dbh);
		$err = mysql_error($dbh);		
		;
		
		if($row = mysql_fetch_assoc($res)){ $output = $row['html'];
		} else { $output = "vide"; }
	}
	break;
	
case "del":	// deleting

	$SqlStatement = "
					DELETE FROM ". $DbTable."
					WHERE section='{$section}' AND position='{$position}'";
	$res =  mysql_query($SqlStatement, $dbh);
	$err = mysql_error($dbh);
	
	//$row = mysql_fetch_assoc($res);
	
	$output = "La section a été effacée de la base de donnée"; 
	break;
}

if($section == "all"){ echo $outputAll; } else { echo $output; }

?>